Bluto – DNS Recon, Zone Transfer & Brute Forcer

Bluto is a Python-based tool for DNS recon, DNS zone transfer testing, DNS wild card checks, DNS brute forcing, e-mail enumeration and more. The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them […]

The…

Read the full post at darknet.org.uk

Continue reading Bluto – DNS Recon, Zone Transfer & Brute Forcer

Bluto – DNS Recon, Zone Transfer & Brute Forcer

Bluto is a Python-based tool for DNS recon, DNS zone transfer testing, DNS wild card checks, DNS brute forcing, e-mail enumeration and more. The target domain is queried for MX and NS records. Sub-domains are passively gathered via NetCraft. The target domain NS records are each queried for potential Zone Transfers. If none of them […]

The…

Read the full post at darknet.org.uk

Continue reading Bluto – DNS Recon, Zone Transfer & Brute Forcer

The .io Error – Taking Control of All .io Domains With a Targeted Registration

In a previous post we talked about taking over the .na, .co.ao, and .it.ao domain extensions with varying levels of DNS trickery. In that writeup we examined the threat model of compromising a top level domain (TLD) and what some avenues would look like for an attacker to accomplish this goal. One of the fairly… Read More Continue reading The .io Error – Taking Control of All .io Domains With a Targeted Registration

The Journey to Hijacking a Country’s TLD – The Hidden Risks of Domain Extensions

I will liken him to a wise man, who built his house on a rock. The rain came down, the floods came, and the winds blew, and beat on that house; and it didn’t fall, for it was founded on the rock. Everyone who hears these words of mine, and doesn’t do them will be… Read More Continue reading The Journey to Hijacking a Country’s TLD – The Hidden Risks of Domain Extensions

dns2proxy – Offensive DNS server

dns2proxy is an offensive DNS server that offers various features for post-exploitation once you’ve changed the DNS server of a victim. It’s very frequently used in combination with sslstrip. Features Traditional DNS Spoofing Implements DNS Spoofing via Forwarding Detects and corrects changes for sslstrip to work Usage Using the spoof.cfg config…

Read the full post at darknet.org.uk

Continue reading dns2proxy – Offensive DNS server

dnsteal – DNS Exfiltration Tool

dnsteal is a DNS exfiltration tool, essentially a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests. dnsteal is coded in Python and is available on Github. Features dnsteal currently has: Support for… Continue reading dnsteal – DNS Exfiltration Tool

The International Incident – Gaining Control of a .int Domain Name With DNS Trickery

The .int or international TLD is perhaps one of the most exclusive extensions available on the Internet. The number of domains on the extension is so small it has it’s own Wikipedia page. Introduced around 27 years ago its primary purpose has been for international treaty organizations. The requirements for a .int domain are listed… Read More Continue reading The International Incident – Gaining Control of a .int Domain Name With DNS Trickery

DNSRecon – DNS Enumeration Script

DNSRecon is a Python based DNS enumeration script designed to help you audit your DNS security and configuration as part of information gathering stage of a pen-test. DNS reconnaissance is an important step when mapping out domain resources, sub-domains, e-mail servers and so on and can often lead to you finding an old DNS entry […]

The…

Read the full post at darknet.org.uk

Continue reading DNSRecon – DNS Enumeration Script